You want to block all sub-domains of a specific website.
Or
You want to use a wildcard in a domain.
Or
You want to allow a domain while still blocking the Parent domain.
Or
You want to block a TLd (Top Level Domain).
The Web Security Service does not support wildcard domains.
You should include only the top-level domain. The policy will match all subdomains.
Tip: You can use rule ordering logic to ensure other subdomains apply a different policy
#Rule 1 test.example.com BLOCK
#Rule 2 example.com ALLOW
This will result in example.com being allowed but test.example.com still being blocked.
The same concept also works with Top Level domains, for instance
#Rule 1 com BLOCK
Will result in google.com being blocked
Previous article name:
(Cloud) Is wildcard "*" supported in URL object for policy?